Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
308-101-0x0000000002450000-0x0000000002494000-memory.dmp
-
Size
272KB
-
Sample
230215-ecrpkahe5s
-
MD5
76b1e33f95c2033293d086f4a5cf53ba
-
SHA1
a5eaa2b37d960f5854cbfd42cb6692d47be12706
-
SHA256
8be48c851e17bda8489b850d28718aab5d3f2657cec1f125ccb174e09f5cc610
-
SHA512
aded848ad678fa4223df926c2a167a6ba93af4809c6362cc6ef70d73e9ece4e5d0fd033ef1cf9e196ff96642518137815675f6b20969f7ae27f9e76411f18d1a
-
SSDEEP
3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wir:B6jodYx9cYKpzwAAh3nz7u
Behavioral task
behavioral1
Sample
308-101-0x0000000002450000-0x0000000002494000-memory.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
308-101-0x0000000002450000-0x0000000002494000-memory.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
redline
ruma
193.233.20.13:4136
-
auth_value
647d00dfaba082a4a30f383bca5d1a2a
Targets
-
-
Target
308-101-0x0000000002450000-0x0000000002494000-memory.dmp
-
Size
272KB
-
MD5
76b1e33f95c2033293d086f4a5cf53ba
-
SHA1
a5eaa2b37d960f5854cbfd42cb6692d47be12706
-
SHA256
8be48c851e17bda8489b850d28718aab5d3f2657cec1f125ccb174e09f5cc610
-
SHA512
aded848ad678fa4223df926c2a167a6ba93af4809c6362cc6ef70d73e9ece4e5d0fd033ef1cf9e196ff96642518137815675f6b20969f7ae27f9e76411f18d1a
-
SSDEEP
3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wir:B6jodYx9cYKpzwAAh3nz7u
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-